Microsoft said exploitation was 'less likely' ... but CISA just added SharePoint RCE to KEV list
AI disclosure
Summary
Attackers need little more than a valid SharePoint account to execute code on vulnerable on-prem servers